Phishing attacks and scams have been a ‘go to’ tactic for cybercriminals for years and have taken on an added dimension since the COVID pandemic began. Today, they account for more than 80 percent of reported security incidents. That’s why Week 2 of Cybersecurity Awareness Month focuses on the importance of being wary of suspicious emails, links or attachments.
A major part of the problem is that the sophistication and volume of phishing attacks is continuing to grow. From Google sign-in imitation emails, HMRC and bank emails that aim to scare people into action or hold out the prospect of financial benefit, or even innocent-looking subscription service membership resets, the sheer range of threats is mindblowing. As a result, there’s always reason to pause for thought before clicking on external messages from personal accounts.
In the work context, emails purporting to be from the recipient’s HR department or even their CEO may look legitimate, but users should always be prepared to check on their authenticity before opening an attachment or clicking on a link.
The effects of a phishing attack can paralyze an organization and cause a huge range of major problems, from significant financial impact, loss of intellectual property, damage to reputation and disruption of operational activities.
Among the biggest known examples include the fake invoice emails that cost Google and Facebook over $100 million, and the phishing attacks used by cybercriminals to penetrate the networks of Sony Pictures Entertainment. Attackers claimed to have stolen over 100 terabytes of data in an incident that was both damaging and embarrassing to the company
Despite a push for overall cybersecurity awareness in the past few years, individuals are still falling victim to cyber adversaries conducting these attacks because of the lack of targeted education on phishing. This is compounded by an over-reliance on security strategies and technologies that react to being exposed to cybersecurity threats rather than removing those contained in file attachments before they even reach users.
That’s why events such as Cybersecurity Awareness Month remain so important. To read more about how Glasswall helps organizations defeat the threats posed by file-based threats, click here.